Comments (3)
Hi, that's interesting.
Can you provide me with your ModSecurity version, log type (json/standard) and a few logs, let's say 3-5 complete entries from A to Z (please of course anonymize them by replacing IP/hostname)? I will try to take this into account during the next update.
Mod_security version: mod_security-2.9.3-1.el6.x86_64
For logs nothing special, SecAuditLogType Serial
Attached the file:
Tried to run the program
python3 modsecurity-parser.py -x test.xlsx -f for_test
inputFileName : for_test
---------- modsec_audit events processed: 3 ----------
---------- modsec_audit events skipped by INCLUDED/EXCLUDED options or INVALID : 0 ----------
Traceback (most recent call last):
  File "modsecurity-parser.py", line 689, in <module>
    outputWithGraphs = modsecViewGraphs(modsec_entries)
  File "modsecurity-parser.py", line 360, in modsecViewGraphs
    event_times = list(map(lambda x: datetime.strptime(x, LOG_TIMESTAMP_FORMAT).replace(tzinfo=None), event_times1))
  File "modsecurity-parser.py", line 360, in <lambda>
    event_times = list(map(lambda x: datetime.strptime(x, LOG_TIMESTAMP_FORMAT).replace(tzinfo=None), event_times1))
  File "/usr/lib64/python3.6/_strptime.py", line 565, in _strptime_datetime
    tt, fraction = _strptime(data_string, format)
  File "/usr/lib64/python3.6/_strptime.py", line 362, in _strptime
    (data_string, format))
ValueError: time data '10/Mar/2020:12:13:30 --0400' does not match format '%d/%b/%Y:%H:%M:%S %z'

If you replace --0400 with +0400 it works fine.
BTW, the issue with the Killed action during the run was related to the amount of available RAM (as expected =) )
Seems that the format with two dashes is very specific to ModSecurity. Anyway, I added a piece of code which replaces the double '-' with a single one, and afterwards the file is processed without any error. Check the latest master and reopen if you find any problems.
BTW: your example file is modified and added as 'sample_audit_log/modsec_audit_utc-4.log'.
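Added example (not code from modsecurity-parser or from the commenters above): a tolerant timestamp parser for section A header lines that collapses a doubled offset sign, as the last comment describes, and collects unparsable lines instead of aborting the whole report. The function names, regexes and the sample lines are constructed for illustration; only the format string and the `--0400` value come from the traceback.

```python
import re
from datetime import datetime, timezone

LOG_TIMESTAMP_FORMAT = "%d/%b/%Y:%H:%M:%S %z"  # format string shown in the traceback

# Section A header of a serial audit log: [timestamp] unique_id src_ip src_port dst_ip dst_port
A_HEADER = re.compile(r"^\[(?P<ts>[^\]]+)\]\s+(?P<uid>\S+)")
# Trailing UTC offset whose sign is repeated, e.g. "--0400"
DOUBLED_SIGN = re.compile(r"([+-])\1+(\d{4})$")

# Constructed sample lines (documentation IP ranges, made-up unique ids).
SAMPLE = [
    "[10/Mar/2020:12:13:30 --0400] XmfAAAAAAAAAAAAAAAAAAAAA 192.0.2.10 51234 198.51.100.5 443",
    "[10/Mar/2020:12:13:31 +0100] XmfBBBBBBBBBBBBBBBBBBBBB 192.0.2.11 51235 198.51.100.5 443",
    "[10/Mar/2020:12:13:32 0400] XmfCCCCCCCCCCCCCCCCCCCCC 192.0.2.12 51236 198.51.100.5 443",
]

def normalize_offset(ts):
    """Collapse a repeated sign in the trailing UTC offset ('--0400' -> '-0400')."""
    return DOUBLED_SIGN.sub(r"\1\2", ts.strip())

def parse_audit_timestamp(ts):
    """Return a timezone-aware datetime, or None if the value is still malformed."""
    try:
        return datetime.strptime(normalize_offset(ts), LOG_TIMESTAMP_FORMAT)
    except ValueError:
        return None

def parse_headers(lines):
    """Return (events, rejected): events are (unique_id, UTC datetime) tuples."""
    events, rejected = [], []
    for line in lines:
        m = A_HEADER.match(line)
        dt = parse_audit_timestamp(m.group("ts")) if m else None
        if dt is None:
            rejected.append(line)  # keep for review rather than crash the run
        else:
            # Convert to UTC instead of dropping tzinfo, so events logged
            # under different offsets still sort on one timeline.
            events.append((m.group("uid"), dt.astimezone(timezone.utc)))
    return events, rejected

if __name__ == "__main__":
    ok, bad = parse_headers(SAMPLE)
    for uid, when in ok:
        print(uid, when.isoformat())
    print("rejected:", len(bad))
```
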